Displaying 20 results from an estimated 2000 matches similar to: "RE: Shorewall and an inline IDS (snort-inline orhogwash)"
2005 Mar 29
4
Shorewall and an inline IDS (snort-inline or hogwash)
Is anyone using an inline IDS like hogwash or snort-inline to drop
packets in a system running shoreline? I _think_ I see how to
configure it, but I''d be really interested in finding a howto or
something...
Thanks!
Mike-
--
Mornings: Evolution in action. Only the grumpy will survive.
--
Please note - Due to the intense volume of spam, we have installed site-wide spam
filters at
2005 Mar 30
1
RE: Shorewall and an inline IDS (snort-inlineorhogwash)
You are awesome!!!!
-----Original Message-----
From: shorewall-users-bounces@lists.shorewall.net
[mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Tom
Eastep
Sent: Wednesday, March 30, 2005 9:11 AM
To: Mailing List for Shorewall Users
Subject: Re: [Shorewall-users] Shorewall and an inline IDS
(snort-inlineorhogwash)
Tom Eastep wrote:
> Thibodeau, Jamie L. wrote:
>
2005 Apr 27
23
eth0 & eth1 changing every boot
This is probably a stupid question, but I''m stumped. Practically
every time my firewall boots (not often, but still) eth0 and eth1
exchange places (internet and intranet). How do I lock them down?
SuSE 9.2, Shorewall 2.2.3.
Thanks!
Mike-
--
Mornings: Evolution in action. Only the grumpy will survive.
--
Please note - Due to the intense volume of spam, we have installed site-wide
2005 Mar 30
1
RE: Shorewall and an inline IDS(snort-inlineorhogwash)
Plus I would like to let you know that it works like a charm.
Snort can now see those packets.
-----Original Message-----
From: shorewall-users-bounces@lists.shorewall.net
[mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of
Thibodeau, Jamie L.
Sent: Wednesday, March 30, 2005 9:25 AM
To: Mailing List for Shorewall Users
Subject: RE: [Shorewall-users] Shorewall and an inline
2005 May 17
1
File list Performance question
I have a server running SuSE 9.3 (Samba 3.0.13-1.1). The underlying
filesystem is xfs, and the NICs are Netgear gigabit. 2 Gb of ram in a
P4/3.0 Ghz. The workstations are windows XP Pro, with all service
packs installed, on P4 3+ Ghz, 1-2 Gb of ram. (varies a bit by
workstation)
I have one particular tree on the server that contains over 12K files
in a few hundred subdirs. Breaking it up
2005 Oct 20
8
Shorwall with Snort inline, question.
Question to the list,
Has anyone here had experience using Shorewall (multi-isp configuration)
with Snort inline? First, is this possible? Second, if anyone has done
this, what documentation, if any did they use to set it up? Third, does
snort have to run inline on a firewall (I''m under the impression it does)?
2005 Jun 15
1
shorewall and snort inline
hello list,
i''ve set up shorewall and snort inline on a linux box. it works, but
snort only sees traffic from new connections. and this is because
shorewall automatically generates rules to accept established and
related connections. how can i force shorewall to queue everything, so
that snort can scan the hole traffic like in IDS mode. The setup i have
now is really simple, just 2 zones
2005 Nov 12
1
Help with error message: Can't become connected user
I cannot even start troubleshooting until I buy a clue. What does
"Can't become connected user" mean?
It shows up fairly often. Aside from happening when I try to access a
share, there's no pattern that I can see.
----------
6 11:34:40 badlands smbd[20524]: [2005/11/06 11:34:40, 0]
smbd/service.c:make_connection_snum(577)
Nov 6 11:34:40 badlands smbd[20524]: Can't
2013 Aug 29
2
shorewall and snort - recommendation
Dear all,
I''m setting up a new gateway for a small network (under 30 users)Gw will host the following services:shorewalldnsproxy
i''m considering installing snort.can i do so on the same exact box ? is there any security risk of doing so ?
box would have 4 ISPs and two internal interfaces.
Any recommendation about the optimal setup of snort and shorewall (or if you suggest
2008 May 27
4
freebsd and snort
Hello all:
I tried to install snort under /usr/ports/security and have some problems. with "make all", I checked every item on the menu but I got error messages:
//////////////////////////////
laptop# make all
===> snort-2.8.1_1 is marked as broken: FLEXRESP2 patch file does not incorporate cleanly.
*** Error code 1
Stop in /usr/ports/security/snort.
2003 Apr 17
1
[Fwd: CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors]
I figured that someone reading this list might want to take a look at
the proceeding, considering that the version of Snort in FreeBSD ports
-is- affected.
-----Forwarded Message-----
> From: CERT Advisory <cert-advisory@cert.org>
> To: cert-advisory@cert.org
> Subject: CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors
> Date: 17 Apr 2003 11:30:47 -0400
2006 Jun 29
2
snort inline and imq
I want to use snort inline for ips and imq for bandwidth shaping
When i have inserted imq module ip_queue module insertion giving error
Is it possible to use both at the same time
--
Failure seldom stops you. What stops you is the fear of failure.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
2003 Aug 28
1
snort, postgres, bridge
I've been prowling through the FreeBSD and Snort list archives in
search of information on setting up snort on a FreeBSD bridge(4)
that logs to a remote postgres box via a third interface (hme0)
Snort is being started with the following command:
/usr/local/bin/snort -A full -D -e -d -s -i fxp0 -c /usr
/local/etc/snort.conf
Where fxp0 and fxp1 are in the bridge
output from sysctl:
2007 May 15
1
Running snort on dom0
Hi all,
I need to monitor all traffic and block bad requests on my guest machines and
also on my xen host. To accomplish this I think to install snort on my dom0 host
(rhel5). Somebody have tried this? What about performance on guests??
Many thanks ...
--
CL Martinez
carlopmart {at} gmail {d0t} com
_______________________________________________
Xen-users mailing list
2005 Dec 12
1
SNORT with flexresp
Dear Friends,
I need to know, if RPM SNORT on repository DAG include option flexresp.
Thanks
Adriano
2009 Jun 25
7
Snort on domU
Hi Everyone,
Can anyone confirm if a xen based domU can be used for snort setup? It is
not for commercial use, rather just SOHO use.
Regards,
dot.yet
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
2009 Jun 25
7
Snort on domU
Hi Everyone,
Can anyone confirm if a xen based domU can be used for snort setup? It is
not for commercial use, rather just SOHO use.
Regards,
dot.yet
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users
2006 Mar 31
0
ULOGD and Snort Inline
Hi All,
I am facing a problem when using ULOG daemon and SNORT (inline mode)
with iptables.
My set up is like this.
1. I need ULOG daemon to log firewall logs to MYSQL database.
2. I need SNORT in inline mode for intrusion prevention.
Both can work fine induvidually with iptables. But ULOG daemon cannot work
when SNORT is also running.
Probably the reason is that snort also hooks to
2003 Mar 23
0
Shorewall and snort-inline
Hi, I''m new to the list, but have been through the documentation,
archives, etc. looking for more info...
I''ve been using shorewall 1.3.14 for a few months now, has been working
well from day one. I''m also using it with dshield (submitting logs and
using the block list).
I''m thinking of adding snort-inline to the mix (I run apache and postfix
on the same box,
2003 Apr 17
0
[kris@FreeBSD.org: cvs commit: ports/security/snort Makefile distinfo pkg-plist ports/security/snort/files patch-snort.c]
FYI
Kris
----- Forwarded message from Kris Kennaway <kris@FreeBSD.org> -----
X-Original-To: kkenn@localhost
Delivered-To: kkenn@localhost.obsecurity.org
Delivered-To: kris@freebsd.org
Delivered-To: ports-committers@freebsd.org
From: Kris Kennaway <kris@FreeBSD.org>
Date: Thu, 17 Apr 2003 14:45:03 -0700 (PDT)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org,